-
Hackers have left a live Twitter/X credential‑stuffing botnet effectively unlocked, exposing its full command‑and‑control stack, worker fleet, and root passwords to anyone who knows where to look. The C2 runs on a Windows Server 2019 instance hosted by…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are abusing the Masjesu botnet to run high-volume DDoS-for-hire attacks against routers, gateways, and other exposed IoT infrastructure, turning everyday network hardware into commercial attack firepower. Operating quietly since early 2023 and …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are aggressively hijacking Internet-exposed ComfyUI servers and converting them into high‑value cryptomining rigs and proxy botnet nodes, abusing weakly secured AI image-generation setups for long‑term monetization. More than 1,000 ComfyUI serv…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are abusing the long-running Phorpiex (Trik) botnet to run large-scale ransomware, sextortion, and crypto-clipping operations, turning one infrastructure into a multi-purpose crime machine. A newer variant called Twizt gives the botnet a hybrid…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Mirai malware evolves into hundreds of variants, driving botnet growth, including Aisuru and KimWolf, powering large-scale attacks, and increasing risks to vulnerable IoT devices worldwide.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Mirai-based botnets have evolved from simple IoT malware into large-scale DDoS and proxy abuse platforms that now underpin record-breaking attacks and stealthy cybercrime operations. In total, over 21,000 C2 servers were observed between July and Decem…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Global crackdown dismantles Aisuru, KimWolf, JackSkid and Mossad botnets behind major DDoS attack campaigns targeting millions of devices worldwide.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A misconfigured open directory on an Iranian server has exposed a live censorship-bypass relay and SSH-based botnet operation, revealing how a single actor stitched together a 15-node network across Iran and Finland using commodity tools and sloppy ope…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
RondoDox is a Mirai‑style botnet that has quickly evolved into a highly automated exploitation engine, chaining 174 vulnerabilities with large‑scale use of compromised residential IP infrastructure. This explosive growth widens the global attack surfa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OCRFix is a multi-stage botnet Trojan campaign that abuses a fake Tesseract OCR download site, ClickFix-style PowerShell execution, and EtherHiding on BNB Smart Chain to conceal a rotating blockchain-backed command infrastructure. The fake site gates c…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
